Vulnerability Details : CVE-2015-7540
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22 does not check return values to ensure successful ASN.1 memory allocation, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) via crafted packets.
Vulnerability category: Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-7540
Probability of exploitation activity in the next 30 days: 13.25%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 95 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-7540
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
|
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2015-7540
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7540
-
https://security.gentoo.org/glsa/201612-47
Samba: Multiple vulnerabilities (GLSA 201612-47) — Gentoo securityThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3433
Debian -- Security Information -- DSA-3433-1 sambaThird Party Advisory
-
https://www.samba.org/samba/security/CVE-2015-7540.html
Samba - Security Announcement ArchiveVendor Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174076.html
[SECURITY] Fedora 23 Update: samba-4.3.3-0.fc23Third Party Advisory
-
http://www.securitytracker.com/id/1034492
Samba LDAP Memory Consumption Flaw Lets Remote Users Cause the Target System to Crash - SecurityTrackerThird Party Advisory;VDB Entry
-
https://git.samba.org/?p=samba.git;a=commit;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.html
[security-announce] openSUSE-SU-2015:2356-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-December/174391.html
[SECURITY] Fedora 22 Update: samba-4.2.7-0.fc22Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2855-2
USN-2855-2: Samba regression | Ubuntu security noticesThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Linux Bulletin - January 2016Third Party Advisory
-
http://www.securityfocus.com/bid/79736
Samba CVE-2015-7540 Remote Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://bugzilla.redhat.com/show_bug.cgi?id=1288451
1288451 – (CVE-2015-7540) CVE-2015-7540 samba: DoS to AD-DC due to insufficient checking of asn1 memory allocationIssue Tracking;Third Party Advisory
-
https://git.samba.org/?p=samba.git;a=commit;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884
git.samba.org - samba.git/commitPatch;Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2855-1
USN-2855-1: Samba vulnerabilities | Ubuntu security noticesThird Party Advisory
Products affected by CVE-2015-7540
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*